/**
 * 验证是否拥有医生权限
 */
const UserContract = require("../services/contracts/UserContract");
const Message = require("../services/Message");

module.exports = async function (req, res, proceed){
    console.log("角色验证拦截器执行")
    var currentUser = req.session.authenticated
    if(currentUser == undefined || currentUser == undefined)return res.json(Message.response(403, "用户未登录", null))
    var res = UserContract.validateUserRole(currentUser.username, ['SYS_ADMIN', 'DOCTOR'])
    if(res){
        // 认证信息存放的是登录的账户地址
        return proceed()
    }
    return res.json(Message.response(403, "权限验证失败", null))
}